User Manual
SWR2311P>show access-group
Interface port1.1 : IPv4 access group 1 in
Interface port1.7 : IPv6 access group 3002 in
Interface port1.8 : MAC access group 2001 in
9.1.13 Set VLAN access map and move to VLAN access map mode
[Syntax]
vlan access-map access-map-name
no vlan access-map access-map-name
[Parameter]
access-map-name : Single-byte alphanumeric characters and single-byte symbols(256 characters or less)
Access map name
[Initial value]
none
[Input mode]
global configuration mode
[Description]
Create a VLAN access map with the name specified by access-map-name, and then move to VLAN access map mode in order
to make VLAN access map settings.
If this command is executed with the "no" syntax, the specified VLAN access map is deleted.
[Note]
To return from VLAN access map mode mode to global configuration mode, use the exit command. To return to priviledged
EXEC mode, use the end command.
[Example]
Create a VLAN access map named "VAM001", and move to VLAN access map mode.
SWR2311P(config)#vlan access-map VAM001
SWR2311P(config-vlan-access-map)#
9.1.14 Set access list for VLAN access map
[Syntax]
match access-list list-id
no match access-list list-id
[Parameter]
list-id : <1-2000>, <2001-3000>, <3001-4000>
Access list number specified by the access-list command
[Initial value]
none
[Input mode]
VLAN access map mode
[Description]
Sets the access list that is applied to the corresponding VLAN access map.
If this command is executed with the "no" syntax, the specified access list is deleted from the corresponding VLAN access map.
[Note]
Only one access list can be specified for one VLAN access map.
You can use the show vlan access-map command to view the setting.
[Example]
Create a VLAN access map named "VAM001", and specify an access list that denies packets from 192.168.0.1.
SWR2311P(config)#access-list 2 deny any 192.168.0.1/32 any
SWR2311P(config)#vlan access-map VAM001
SWR2311P(config-vlan-access-map)#match access-list 2
244 | Command Reference | Traffic control